
Nmap Scripts & Metasploit Auxiliary modules for enumeration and exploit identification. MS17-010 Exploit with Metasploit. Reverse vs Bind shells.
CrackMapExec to brute force SSH. Burp intro including Intruder demo. Exploit Web App with Metasploit. SCP intro to transfer files over SSH. LinPEAS to PrivEsc.
Mail services overview - SMTP & POP3. Brute-force POP3. Telnet with credentials POP3 and collect mail.
Impacket and smbclient intro. Hidden admin shares on Windows - C$ and ADMIN$. Phishing by sending email with link to Internet Explorer Exploit. Metasploit Post modules. Convert Putty private key to work with OpenSSH.
Brute-force with CrackMapExec and Burp Intruder. Manually exploit an Authenticated RCE with a file upload vulnerability. LinPEAS to see bash history readable. PrivEsc with a vulnerability in the terminal app, screen.
Running jobs in the background with Meterpreter. High-level overview of TTY shells. Tcpdump to collect Basic Authentication credentials. SNMP enumeration.
Running WinPEAS to identify weak regsitry permissions on a non-default service. Dump Windows NTLM hashes with Mimikatz. Attempt to crack NTLM hashes with John.
Interacting with FTP. Exploit a Local File Inclusion (LFI) vulnerability in a web app to collect sensitive system info. PsExec on and run SessionGopher to collect stored 3rd party app credentials.
Abuse a cron job to gain access through a basic web shell. Establish a more stable shell msfvenom. Run Linux Exploit Suggester (LES) to exploit CVE-2021-4034 and gain root access.
This 2023 course is targeted for Beginner security professionals and enthusiasts who want to learn more about Penetration Testing and Red Teaming with practical examples. Topics cover the basics of offensive security and dive into the full pentesting lifecycle from Enumeration to Post-Exploitation.
The course guides the student through red team and ethical hacking TTP's while showcasing real-world scenarios on a cyber-range which mimics a target network. The cyber-range, Neotek is hosted by Slayer Labs and contains 11 Windows and Linux VM's all engineered to exploit! The course walks through the Neotek Campaign which is stroyline-based, providing hints and targeted directions to the attacker. Completing the course will allow you to own all 11 Neotek range targets!
The mission of this course and cyber-range is to provide the user with a technical high-level overview of ethical hacking, along with realistic scenarios and learning opportunities to become proficient in the basics of Pentesting. The goal is to provide real-world scenarios so the student can get hands-on keyboard and start running through the entire process from Enumeration to Post-Exploitation.
The course has been designed to trim the fat with the expectation that students can pause, re-watch or do additional research if they are following along hands-on in the labs. With that, the student is expected to know basic tools and TTP's in relation to offensive security, ethical hacking and pentesting. For example - covering how to setup a VM in VirtualBox, explaining the basics of networking or installing additional tools on Kali will not be covered.
Each topic dives into the technical side, providing command-line examples and explanations along the way. Topics covered (but are not limited to):
Enumeration with Nmap scripts and Metasploit.
Initial Exploitation with public Exploit-DB proofs of concepts, WebApp and vulnerable service exploitation & Brute Forcing with Hydra and CrackMapExec.
PrivEsc with LinPEAS, WinPEAS, Credential Harvesting, Metasploit Post Modules & Packet Sniffing.
Post-Exploitation by Collecting and Cracking Linux and Windows hashes with Mimikatz and John the Ripper, Harvesting SSH Keys, Transferring Files & Establishing Tunnels.
Course content uses Kali the majority of the time, but also uses Slayer Labs Neotek range targets for intel collection and as jump boxes, utilizing built-in services such as Nmap and SSH portforwarding. Students should be comfortable using Kali Linux along with Linux and Windows command-line. This course is Begineer-friendly in relation to Penetration Testing, however the student should have prior knowledge in IT fundamentals and Security essentials.